One of the drupal pages (allowed only to users of the "Editors" role) creates a latex file, which is then compiled into a pdf. This pdf is placed in the public_html directory to allow the user to view it.

The problem is ANYONE can browse to the directory/file by using the address bar.

Currently, I am using the Content Access module, but since this pdf is created OUTSIDE of Drupal, I can't use Drupals access control features.

Is there a way to control who can view these files?

Comments

profjk’s picture

I don't think Drupal can do anything about it (site/directory/file - accesing)
Probably, you can restrict any directory/file access by editing .htaccess file in the root.

dayalsoap’s picture

Is there a way I can manually add this file to the Drupal database with the appropriate permissions?

Is this process documented anywhere? I can't seem to find this documentation as of yet.

profjk’s picture

Editing .htaccess for folder access restriction (which is not exactly access control is not specific to Drpal. It could be done for any HTML files site.

However, your question "Is there a way I can manually add this file to the Drupal database with the appropriate permissions?" might prompt an expert to answer appropriately.

Good luck.

dayalsoap’s picture

I agree with how you've renamed the topic. Thank you for your help.

Bobby1290’s picture

You have (at least) the following options for that:

1) move the files folder outside of the public_html directory, then , as THE administrator go to /admin/settings/file-system, set the new relative path to the files folder, and as "Download method" choose "Private - files are transferred by Drupal."

2) http://drupal.org/project/downld. (Drupal 6 work-around)

3) http://drupal.org/project/private_upload.

Good Luck.

dayalsoap’s picture

I very much appreciate the quick responses. I will be testing your options out over the next couple of days. Again, greatly appreciated.